CVE-2026-11498 Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11498 Tenda HG7HG9/HG10 Web Management voip_other_set asp_voip_OtherSet stack-based overflow

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11498

CVE-2026-11498 affects Tenda HG7HG9/HG10 devices (Web Management Interface) due to a stack-based buffer overflow in function asp_voip_OtherSet within the /boaform/voip_other_set module. The issue is triggered by manipulating the funckey_transfer parameter and can be exploited remotely over the ne...

CVE-2026-11413

A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function setmacfilter of the file /sbin/jdcwebrpc. The manipulation leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2026-36786

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36786

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36789

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

CVE-2026-36786

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

PT-2026-47308

A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...

CVE-2026-36789

CVE-2026-36789 concerns Shenzhen Tenda Technology’s AC1206 (v15.03.06.23). The advisory reports multiple stack overflows in the fromGstDhcpSetSer function triggered via username/password parameters, enabling a Denial of Service through a crafted HTTP request. A CVSS v3.1 base score of 7.5 (HIGH) ...

Tenda FH451 安全漏洞

The Tenda FH451 is a router produced by the Chinese company Tenda. The version Tenda FH451 V1.0.0.9 contains a security vulnerability. This vulnerability stems from a stack overflow issue in the list1 parameter of the fromDhcpListClient function, which could allow attackers to cause...

Tenda AC1206 安全漏洞

The Tenda AC1206 is a wireless Gigabit router produced by the Chinese company Tenda. The version Tenda AC1206 v15.03.06.23 contains a security vulnerability. This vulnerability stems from multiple stack overflows in the username and password parameters within the fromGstDhcpSetSer function. It...

EUVD-2026-35076

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

PT-2026-47310

A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub 45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-based buffer overflow. The attack may be launched remotely...

Important: radvd

Issue Overview: Stack Buffer Overflow in radvdump Route Information Option Parser NOTE: https://github.com/radvd-project/radvd/security/advisories/GHSA-52px-gh9p-m379 CVE-2026-48715 Affected Packages: radvd Issue Correction: Run dnf update radvd --releasever 2023.12.20260608 or dnf update...

PT-2026-47309

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...

PT-2026-47297

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

PT-2026-47434

Name of the Vulnerable Software and Affected Versions Tenda HG7HG9 and HG10 affected versions not specified Description A stack-based buffer overflow occurs due to the manipulation of the encodename argument within the formPPPEdit function of the file /boaform/formPPPEdit. This issue allows for...

PT-2026-47318

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

Amazon Linux 2023 : radvd (ALAS2023-2026-1799)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1799 advisory. Stack Buffer Overflow in radvdump Route Information Option Parser NOTE: https://github.com/radvd-project/radvd/security/advisories/GHSA-52px-gh9p-m379 CVE-2026-48715 Tenable has extracted the preceding...